Symmetric encryption key set tests

Clemens Schwaighofer
2024-12-17 18:23:10 +09:00
parent cc067cc202
commit 185d044a0b
2 changed files with 39 additions and 34 deletions


@@ -15,6 +15,8 @@ use CoreLibs\Security\SymmetricEncryption;
*/ */
final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
{ {
// MARK: key set compare
/** /**
* Undocumented function * Undocumented function
* *
@@ -65,6 +67,25 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
); );
} }
// MARK: empty encrypted string
/**
* Undocumented function
*
* @covers ::decryptKey
* @covers ::decrypt
* @testdox Test empty encrypted string to decrypt
*
* @return void
*/
public function testEmptyDecryptionString(): void
{
$this->expectExceptionMessage('Encrypted string cannot be empty');
SymmetricEncryption::decryptKey('', CreateKey::generateRandomKey());
}
// MARK: encrypt/decrypt compare
/** /**
* Undocumented function * Undocumented function
* *
@@ -161,6 +182,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
); );
} }
// MARK: invalid key
/** /**
* Undocumented function * Undocumented function
* *
@@ -250,6 +273,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
SymmetricEncryption::decryptKey($encrypted, $wrong_key); SymmetricEncryption::decryptKey($encrypted, $wrong_key);
} }
// MARK: wrong key
/** /**
* Undocumented function * Undocumented function
* *
@@ -290,9 +315,7 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
$enc_key = CreateKey::generateRandomKey(); $enc_key = CreateKey::generateRandomKey();
// class // class
if (empty($key)) { $this->expectExceptionMessage($exception_message);
$this->expectExceptionMessage($exception_message);
}
$crypt = new SymmetricEncryption($key); $crypt = new SymmetricEncryption($key);
$this->expectExceptionMessage($exception_message); $this->expectExceptionMessage($exception_message);
$crypt->encrypt('test'); $crypt->encrypt('test');
@@ -353,6 +376,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
SymmetricEncryption::decryptKey($encrypted, $key); SymmetricEncryption::decryptKey($encrypted, $key);
} }
// MARK: wrong input
/** /**
* Undocumented function * Undocumented function
* *
@@ -438,21 +463,6 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
$this->expectExceptionMessage($exception_message); $this->expectExceptionMessage($exception_message);
SymmetricEncryption::decryptKey($input, $key); SymmetricEncryption::decryptKey($input, $key);
} }
/**
* Undocumented function
*
* @covers ::decryptKey
* @covers ::decrypt
* @testdox Test empty encrypted string to decrypt
*
* @return void
*/
public function testEmptyDecryptionString(): void
{
$this->expectExceptionMessage('Encrypted string cannot be empty');
SymmetricEncryption::decryptKey('', CreateKey::generateRandomKey());
}
} }
// __END__ // __END__
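Review bot: In the invalid-key class test (hunk `-290,9 +315,7`), `$this->expectExceptionMessage($exception_message);` now runs unconditionally before `new SymmetricEncryption($key)`, yet the same call and `$crypt->encrypt('test');` still follow the constructor. If the constructor now rejects every invalid key, which the `setKey` validation added in this commit suggests but this page does not show, those two trailing lines never run and the encrypt path with a bad key is no longer exercised. Either drop them so the test states that construction is the failure point, or keep a separate case that reaches `encrypt()`. The tests in this file, including the moved `testEmptyDecryptionString`, assert only on the message text; pairing each with `$this->expectException(...)` for the class named in the library's `@throws` tags would also pin the exception type callers catch. The test method starts outside the hunk, so its data provider and signature are not visible here.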


@@ -97,6 +97,9 @@ class SymmetricEncryption
* *
* @param ?string $key The key from which the binary key will be created * @param ?string $key The key from which the binary key will be created
* @return string Binary key string * @return string Binary key string
* @throws \UnexpectedValueException empty key
* @throws \UnexpectedValueException invalid hex key
* @throws \RangeException invalid length
*/ */
private function createKey( private function createKey(
#[\SensitiveParameter] #[\SensitiveParameter]
@@ -125,9 +128,9 @@ class SymmetricEncryption
* @param string $encrypted Text to decrypt * @param string $encrypted Text to decrypt
* @param ?string $key Mandatory encryption key, will throw exception if empty * @param ?string $key Mandatory encryption key, will throw exception if empty
* @return string Plain text * @return string Plain text
* @throws \RangeException * @throws \UnexpectedValueException key cannot be empty
* @throws \UnexpectedValueException * @throws \UnexpectedValueException decipher message failed
* @throws \UnexpectedValueException * @throws \UnexpectedValueException invalid key
*/ */
private function decryptData( private function decryptData(
#[\SensitiveParameter] #[\SensitiveParameter]
@@ -169,8 +172,7 @@ class SymmetricEncryption
* @param string $message Message to encrypt * @param string $message Message to encrypt
* @param ?string $key Mandatory encryption key, will throw exception if empty * @param ?string $key Mandatory encryption key, will throw exception if empty
* @return string Ciphered text * @return string Ciphered text
* @throws \Exception * @throws \UnexpectedValueException create message failed
* @throws \RangeException
*/ */
private function encryptData( private function encryptData(
#[\SensitiveParameter] #[\SensitiveParameter]
@@ -208,6 +210,7 @@ class SymmetricEncryption
* *
* @param string $key * @param string $key
* @return void * @return void
* @throws \UnexpectedValueException key cannot be empty
*/ */
public function setKey( public function setKey(
#[\SensitiveParameter] #[\SensitiveParameter]
@@ -216,6 +219,9 @@ class SymmetricEncryption
if (empty($key)) { if (empty($key)) {
throw new \UnexpectedValueException('Key cannot be empty'); throw new \UnexpectedValueException('Key cannot be empty');
} }
// check that this is a valid key
$this->createKey($key);
// set key
$this->key = $key; $this->key = $key;
sodium_memzero($key); sodium_memzero($key);
} }
@@ -250,10 +256,6 @@ class SymmetricEncryption
* @param string $encrypted Message encrypted with safeEncrypt() * @param string $encrypted Message encrypted with safeEncrypt()
* @param string $key Encryption key (as hex string) * @param string $key Encryption key (as hex string)
* @return string * @return string
* @throws \Exception
* @throws \RangeException
* @throws \UnexpectedValueException
* @throws \UnexpectedValueException
*/ */
public static function decryptKey( public static function decryptKey(
#[\SensitiveParameter] #[\SensitiveParameter]
@@ -269,9 +271,6 @@ class SymmetricEncryption
* *
* @param string $encrypted Message encrypted with safeEncrypt() * @param string $encrypted Message encrypted with safeEncrypt()
* @return string * @return string
* @throws \RangeException
* @throws \UnexpectedValueException
* @throws \UnexpectedValueException
*/ */
public function decrypt( public function decrypt(
#[\SensitiveParameter] #[\SensitiveParameter]
@@ -287,8 +286,6 @@ class SymmetricEncryption
* @param string $message Message to encrypt * @param string $message Message to encrypt
* @param string $key Encryption key (as hex string) * @param string $key Encryption key (as hex string)
* @return string * @return string
* @throws \Exception
* @throws \RangeException
*/ */
public static function encryptKey( public static function encryptKey(
#[\SensitiveParameter] #[\SensitiveParameter]
@@ -304,8 +301,6 @@ class SymmetricEncryption
* *
* @param string $message Message to encrypt * @param string $message Message to encrypt
* @return string * @return string
* @throws \Exception
* @throws \RangeException
*/ */
public function encrypt( public function encrypt(
#[\SensitiveParameter] #[\SensitiveParameter]
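Review bot: The new `$this->createKey($key);` call in `setKey` (hunk `-216,6 +219,9`) discards the value that createKey's docblock describes as the binary key string, so a decoded copy of the key is released without being wiped while the hex copy is passed to `sodium_memzero`. Holding the result in a local and clearing it keeps the handling consistent: `$bin_key = $this->createKey($key); sodium_memzero($bin_key);`. The `@throws` tag added to `setKey` names only the empty-key case, although createKey is now documented to raise `\UnexpectedValueException` for an invalid hex key and `\RangeException` for an invalid length. I would add those two tags to `setKey`, and keep the `@throws` tags that this commit removes from the public `decryptKey`, `decrypt`, `encryptKey` and `encrypt` docblocks, since those are the entry points callers read. `setKey`'s signature sits in the preceding hunk, so the parameter declaration is not fully visible here.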